From d6d949139c92b94d0eb1f5f7212831eb89b44ee4 Mon Sep 17 00:00:00 2001
From: Yan Lin <github@yanlincs.com>
Date: Wed, 22 Oct 2025 20:26:11 +0200
Subject: [PATCH] add tunnel-on proxy to gnome-enabled hosts

---
 modules/gnome.nix | 69 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)

diff --git a/modules/gnome.nix b/modules/gnome.nix
index 6eccf8b..8adaec5 100644
--- a/modules/gnome.nix
+++ b/modules/gnome.nix
@@ -141,5 +141,74 @@ in
       gnomeExtensions.hide-top-bar
       gnomeExtensions.pano
     ];
+
+    # SSH tunnel functions for SOCKS proxy via GNOME system proxy
+    programs.zsh.initContent = ''
+      # SSH tunnel functions for easy VPN-like functionality
+      function tunnel-on() {
+        if [[ -z "$1" ]]; then
+          echo "Usage: tunnel-on <host>"
+          return 1
+        fi
+
+        local host="$1"
+        local port=1080  # Use port 1080 (standard SOCKS port)
+
+        # Check if there's already an active tunnel
+        local existing_tunnel=$(ps aux | grep -E "ssh -D $port" | grep -v grep)
+        if [[ -n "$existing_tunnel" ]]; then
+          echo "Existing tunnel detected. Switching to $host..."
+          echo "Stopping current tunnel..."
+          pkill -f "ssh -D $port"
+          sleep 1
+        fi
+
+        echo "Starting SOCKS tunnel to $host on port $port..."
+
+        # Start SSH tunnel in background
+        ssh -D $port -N -f "$host"
+        if [[ $? -eq 0 ]]; then
+          echo "Tunnel established. Configuring system proxy..."
+
+          # Configure GNOME system proxy settings
+          gsettings set org.gnome.system.proxy mode 'manual'
+          gsettings set org.gnome.system.proxy.socks host 'localhost'
+          gsettings set org.gnome.system.proxy.socks port $port
+
+          echo "✓ System proxy enabled (localhost:$port -> $host)"
+        else
+          echo "✗ Failed to establish tunnel to $host"
+          return 1
+        fi
+      }
+
+      function tunnel-off() {
+        local port=1080
+        echo "Disabling system proxy..."
+        gsettings set org.gnome.system.proxy mode 'none'
+        echo "✓ System proxy disabled"
+
+        echo "Stopping SSH tunnels..."
+        pkill -f "ssh -D $port"
+        echo "✓ SSH tunnels stopped"
+      }
+
+      function tunnel-status() {
+        local port=1080
+        echo "=== GNOME System Proxy Status ==="
+        echo "Mode: $(gsettings get org.gnome.system.proxy mode)"
+        echo "SOCKS Host: $(gsettings get org.gnome.system.proxy.socks host)"
+        echo "SOCKS Port: $(gsettings get org.gnome.system.proxy.socks port)"
+
+        echo ""
+        echo "=== Active SSH Tunnels ==="
+        local tunnels=$(ps aux | grep -E "ssh -D $port" | grep -v grep)
+        if [[ -n "$tunnels" ]]; then
+          echo "$tunnels"
+        else
+          echo "No active SSH tunnels"
+        fi
+      }
+    '';
   };
 }